7159d835728aadaf73f0b5571d39fda5

Sharing

Copy URL Twitter E-mail

General

Target

7159d835728aadaf73f0b5571d39fda5
Size

552KB
MD5

7159d835728aadaf73f0b5571d39fda5
SHA1

3b5af404a5307b0dbb460a282a8f8cfc946407e3
SHA256

e6bf28f3e157fc9f532cfc11f8d2f5279339d22e3bbad8ddc5967ae8ad4a2054
SHA512

c6f136fad6ed2aceb167cd2777e8eacef46aa55491fc9cb3a22f0fd2f0806856a528f9b02cacf992553de90a105c836a1fb861c3f5d9c0fcb79dbace4109dafb
SSDEEP

12288:yGpcgTDiplp74+ABnFwAq6N1JXpvMf3v4UN4sT4B8uYojWR1:yMcgfiplJ4HpFPH1J0fT0BPi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7159d835728aadaf73f0b5571d39fda5

Files

7159d835728aadaf73f0b5571d39fda5
.exe windows:4 windows x86 arch:x86

d6f238ff1984821a06bfc9fe4df61430

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW
ChooseFontW
ChooseColorA

kernel32

UnhandledExceptionFilter
VirtualFree
lstrcpy
GetConsoleTitleW
HeapReAlloc
GetCPInfo
WideCharToMultiByte
InitializeCriticalSection
GetTickCount
VirtualProtectEx
GetEnvironmentStringsW
FlushFileBuffers
LCMapStringW
ReadConsoleInputW
GetStartupInfoA
SetConsoleCtrlHandler
GetModuleFileNameW
GlobalLock
HeapSize
TlsSetValue
SetFilePointer
LoadResource
GetProcAddress
SetStdHandle
GetModuleHandleA
CreateNamedPipeW
GetCurrentThreadId
GetSystemTime
IsBadWritePtr
lstrcmpW
QueryPerformanceCounter
CompareStringW
CreateFileW
FreeEnvironmentStringsA
GetLastError
GetFileType
ReadConsoleOutputW
LockResource
EnterCriticalSection
lstrcpynW
LCMapStringA
HeapCreate
HeapDestroy
CompareStringA
GetModuleFileNameA
OpenMutexA
SetComputerNameW
CreateFileMappingW
InterlockedIncrement
GetStdHandle
SetThreadIdealProcessor
HeapAlloc
GetTempPathW
GetProfileSectionW
MultiByteToWideChar
WritePrivateProfileStringA
ExitProcess
GetCurrentThread
GetCurrentProcess
FindAtomW
CloseHandle
LoadLibraryW
IsDebuggerPresent
RtlUnwind
GlobalFindAtomW
TerminateProcess
GetCurrentDirectoryA
HeapFree
InterlockedExchange
GetStringTypeA
ReadFile
SetFileTime
GetNumberFormatA
GetDriveTypeW
VirtualQuery
DeleteCriticalSection
GetCurrentProcessId
GetStartupInfoW
SetLastError
GetEnvironmentStrings
EnumDateFormatsA
WriteConsoleInputA
TlsAlloc
CopyFileA
ReadFileEx
TlsGetValue
FreeEnvironmentStringsW
GetComputerNameA
LoadLibraryA
UnlockFile
VirtualAlloc
GetCommandLineW
SetHandleCount
lstrcpynA
GetStringTypeW
LeaveCriticalSection
GetSystemTimeAsFileTime
WaitForSingleObjectEx
GetFileAttributesW
CreateMutexA
GetProfileSectionA
TlsFree
lstrcmpi
WriteFile
FindResourceW
InterlockedDecrement
GetEnvironmentVariableA
GetVersion
GetTimeZoneInformation
GetCommandLineA
GetAtomNameW
WriteConsoleOutputW
SetEnvironmentVariableA
VirtualQueryEx
GetLocalTime

wininet

IsHostInProxyBypassList
InternetAutodial
FtpCommandA
HttpEndRequestA
UnlockUrlCacheEntryFile

comctl32

ImageList_SetBkColor
ImageList_Destroy
ImageList_DrawEx
CreateUpDownControl
ImageList_SetDragCursorImage
ImageList_GetIconSize
DrawStatusText
ImageList_GetImageRect
CreatePropertySheetPage
ImageList_BeginDrag
CreatePropertySheetPageW
ImageList_Write
CreateStatusWindowA
InitCommonControlsEx
ImageList_SetFilter
ImageList_Draw
DrawInsert
InitMUILanguage
ImageList_SetFlags
DrawStatusTextA
CreateStatusWindow
ImageList_SetImageCount
ImageList_DragLeave
ImageList_ReplaceIcon
ImageList_GetBkColor

user32

CopyIcon
DestroyWindow
DdeSetUserHandle
TranslateAcceleratorW
BeginPaint
RegisterClassExA
GetDlgItemTextW
IsWindowVisible
SetParent
DefWindowProcW
VkKeyScanW
ShowWindow
IsCharUpperW
LoadMenuIndirectA
BeginDeferWindowPos
DialogBoxParamW
IsWindow
CreateWindowExA
MessageBoxA
SetWindowsHookExA
DdeDisconnect
SetTimer
CharUpperA
RegisterClassA

shell32

SHQueryRecycleBinW
SHGetSettings
SHGetSpecialFolderPathA
CheckEscapesW

gdi32

UpdateICMRegKeyA
EnumFontFamiliesExA
GetObjectA
SetBrushOrgEx
GetDeviceCaps
DeleteDC
PolyPolygon
SetLayout
GetObjectW
CreateDCW
AddFontResourceW
SelectObject
GetBoundsRect

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6f238ff1984821a06bfc9fe4df61430

Headers

File Characteristics

Imports

comdlg32

kernel32

wininet

comctl32

user32

shell32

gdi32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 116KB - Virtual size: 137KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 116KB - Virtual size: 137KB

.rsrc
Size: 32KB - Virtual size: 30KB